From patchwork Wed Jan 3 23:27:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qu Wenruo X-Patchwork-Id: 184871 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp5319363dyb; Wed, 3 Jan 2024 15:28:58 -0800 (PST) X-Google-Smtp-Source: AGHT+IHaTfXh4kL5U+0nD+uaZIuCe+s4YrYVfR+sjKUtaH9C3Q58BjEEgCjSGZazm4JKkGOdTCYj X-Received: by 2002:a50:ab52:0:b0:551:e1fa:bcfa with SMTP id t18-20020a50ab52000000b00551e1fabcfamr11366555edc.74.1704324538590; Wed, 03 Jan 2024 15:28:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704324538; cv=none; d=google.com; s=arc-20160816; b=h024bEHcJyCPG/a8RhRI2VtY8fUd7/Da+ujrmXfZ7h1BSEonXQ4omEcNZlZRn/pgnh Mp2hrxzGXSQdbnw39J5X4n3YneC9+EqdhKfkHDb2oL6j++ToLGQ+6Zzch6QxiDsU70lk QwPGNWcH8y/tV4Zn/kBVAnznVgGUZKb/QUboyRpA8BNerzAwZ64bQulaBHjjUQRa/ITH nr2p5Vl4VLK6TFBt7HJYDDTsl9TXeOTlVgr6JlCBjet+pQgMuSMNworLEFBsDBKbS5P1 K/IDT3LdCBiLe8NLsDbsJEsmDk7I0B65nu+0p4XdTIvYnyV/1e5ovf890+9gQYa7OG0u /chA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:to:from:dkim-signature:dkim-signature; bh=frgVRPdp70OVgJksCxSW6XCCaTKoGsaFs4KP1Eow2jE=; fh=5WEccoI3MXPoqgQkOYurL1AQ0GZs+h36FarqzwkCNds=; b=O8djYyifiuFE5cAX9UhbSam49UqYdUKfu90nQ3NdF26HGytbjIlESDf6AAyFxOQno0 dov6v6zAvJWALSeuwGe5OBxx0unLK6lBPHsHePeouc0UPDSlQ2qxqpl0tFgfrtr47aqk 0bIo7DqZubF9IpaOYPXkfA9SrNNsG9BbJKL/O8d6pipb7CJ8FvpdleM24UiF1wQBNB4H KiBoPCu+nCl4CrxlIz6qRy+0oGnqND3EVk0tpih0L5ddAXY9FHS0VTJbIAmGn23nQRmQ XSOOzCGtmD8JnI9jpJh07aY/rSS8VXUFq0IEDdoX1hB7uyZudrVGJFG4i3+bExt9WGX1 MqTQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b="BS/MAECR"; dkim=pass header.i=@suse.com header.s=susede1 header.b="BS/MAECR"; spf=pass (google.com: domain of linux-kernel+bounces-16116-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16116-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id m13-20020a50998d000000b0055495019943si10339537edb.206.2024.01.03.15.28.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Jan 2024 15:28:58 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16116-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b="BS/MAECR"; dkim=pass header.i=@suse.com header.s=susede1 header.b="BS/MAECR"; spf=pass (google.com: domain of linux-kernel+bounces-16116-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16116-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 085BF1F25487 for ; Wed, 3 Jan 2024 23:28:58 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A17CC20305; Wed, 3 Jan 2024 23:28:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="BS/MAECR"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="BS/MAECR" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 36CFA1F926; Wed, 3 Jan 2024 23:28:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 0C52221ECA; Wed, 3 Jan 2024 23:28:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324499; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=frgVRPdp70OVgJksCxSW6XCCaTKoGsaFs4KP1Eow2jE=; b=BS/MAECR5qZgfeBcU+viUNd2YXUBJYA7trmLUcWM4UZRKMTXMfLTCoPTsvcGmm9+G/WMJW 7Ox/daEyCnaezMGFvJjjoYAn3sJ/UC9B+MYRhN2L0QsbN0TGA0LTl35v3URUUXqp7zCDLv 5x62EnAjCPD4OTssaLQ+ODyIO58sqcM= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324499; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=frgVRPdp70OVgJksCxSW6XCCaTKoGsaFs4KP1Eow2jE=; b=BS/MAECR5qZgfeBcU+viUNd2YXUBJYA7trmLUcWM4UZRKMTXMfLTCoPTsvcGmm9+G/WMJW 7Ox/daEyCnaezMGFvJjjoYAn3sJ/UC9B+MYRhN2L0QsbN0TGA0LTl35v3URUUXqp7zCDLv 5x62EnAjCPD4OTssaLQ+ODyIO58sqcM= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 4FD1C13AA6; Wed, 3 Jan 2024 23:28:14 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id ICGdMI7tlWWXTgAAD6G6ig (envelope-from ); Wed, 03 Jan 2024 23:28:14 +0000 From: Qu Wenruo To: linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@linux-foundation.org, christophe.jaillet@wanadoo.fr, andriy.shevchenko@linux.intel.com, David.Laight@ACULAB.COM, ddiss@suse.de, geert@linux-m68k.org Subject: [PATCH v3 1/4] kstrtox: always skip the leading "0x" even if no more valid chars Date: Thu, 4 Jan 2024 09:57:48 +1030 Message-ID: <9076fa9d3d2d3b2574386f4850a45f7902f6503c.1704324320.git.wqu@suse.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spam-Score: 1.69 X-Spamd-Bar: + X-Spam-Flag: NO X-Spamd-Result: default: False [1.69 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[suse.com:s=susede1]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVRCPT(0.00)[wanadoo.fr]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; DKIM_TRACE(0.00)[suse.com:+]; MX_GOOD(-0.01)[]; RCPT_COUNT_SEVEN(0.00)[8]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:dkim,suse.com:email,suse.de:email]; FREEMAIL_TO(0.00)[vger.kernel.org,linux-foundation.org,wanadoo.fr,linux.intel.com,ACULAB.COM,suse.de,linux-m68k.org]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%]; RBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from] Authentication-Results: smtp-out1.suse.de; dkim=pass header.d=suse.com header.s=susede1 header.b="BS/MAECR" X-Spam-Level: * X-Rspamd-Queue-Id: 0C52221ECA X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1787113807277055633 X-GMAIL-MSGID: 1787113807277055633 Currently the invalid string "0x" (only hex prefix, no valid chars followed) would make _parse_integer_fixup_radix() to treat it as octal. This is due to the fact that the function would only auto-detect hex if and only if there is any valid hex char after "0x". Or it would only go octal instead. Thankfully this won't affect our unit test, as "0x" would still be treated as failure (-EINVAL) anyway: - Old code treats "0x" as '0' with tailing 'x' Thus return -EINVAL due to the tailing 'x'. - New code treats "0x" as "0x" suffix with nothing following up Thus return -EINVAL due to no valid string. But for the incoming memparse_safe(), the remaining string would still be consumed by the caller, and we need to properly treat "0x" as an invalid string. So this patch would make _parse_integer_fixup_radix() to forcefully go hex no matter if there is any valid char following. And there is a also copy of _parse_integer_fixup_radix() inside arch/x86/boot/string.c, to keep the code consistent this patch would also modify that copy. Thankfully for that copy in arch/x86/boot/string.c, it's only doing kstrtoll(), thus there would be no behavior change, just as explained above. Signed-off-by: Qu Wenruo Reviewed-by: David Disseldorp --- arch/x86/boot/string.c | 2 +- lib/kstrtox.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/boot/string.c b/arch/x86/boot/string.c index 1c8541ae3b3a..49750ef697bb 100644 --- a/arch/x86/boot/string.c +++ b/arch/x86/boot/string.c @@ -233,7 +233,7 @@ static const char *_parse_integer_fixup_radix(const char *s, unsigned int *base) { if (*base == 0) { if (s[0] == '0') { - if (_tolower(s[1]) == 'x' && isxdigit(s[2])) + if (_tolower(s[1]) == 'x') *base = 16; else *base = 8; diff --git a/lib/kstrtox.c b/lib/kstrtox.c index d586e6af5e5a..41c9a499bbf3 100644 --- a/lib/kstrtox.c +++ b/lib/kstrtox.c @@ -27,7 +27,7 @@ const char *_parse_integer_fixup_radix(const char *s, unsigned int *base) { if (*base == 0) { if (s[0] == '0') { - if (_tolower(s[1]) == 'x' && isxdigit(s[2])) + if (_tolower(s[1]) == 'x') *base = 16; else *base = 8; From patchwork Wed Jan 3 23:27:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qu Wenruo X-Patchwork-Id: 184872 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp5319462dyb; Wed, 3 Jan 2024 15:29:17 -0800 (PST) X-Google-Smtp-Source: AGHT+IGdTh17d2YeH3jBB7xb+k4YaUuYGdWWtuAtKBCUti5R7OAT2+sNTh+CQqvJcn9jlLIC85ej X-Received: by 2002:a17:907:60ce:b0:a26:9347:3742 with SMTP id hv14-20020a17090760ce00b00a2693473742mr10564439ejc.44.1704324556796; Wed, 03 Jan 2024 15:29:16 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704324556; cv=none; d=google.com; s=arc-20160816; b=hacpvs68dJieOaysK4Hr5VbNBaPW3svnszn1lVTmIcxmOTVbmGaMTflmOoEBEV1d7r SbgC5/f8hcSsTko/3m17NSE6w1b2DCr2CeyY5y/CrnBJsaU9AfZkNnwIQuiPLxJAllEr y/xqWeO+W8bV0fubHs11ILL7OJXJASzyfbCwBvOpZCihaIZhDFfrp6UEmPy5bdu5hVca kCbcujZ3WrxsfYwXDH09YRj+1Slw0+XznP8YxM+8BBBMrvArL+M0MCM0WEWNVHvfWbB9 sqksQFzV0qNk2en5Iz/HJOCWIWCsbywod0na09VOTtuXQHbzW9bRll6KBcN3H38tN8e/ ej1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:to:from:dkim-signature:dkim-signature; bh=kffFtRl5m4ojqwep18pNVD5nd1xQvcq1dn2rbQ2uvyg=; fh=5WEccoI3MXPoqgQkOYurL1AQ0GZs+h36FarqzwkCNds=; b=GBpEJdOPPzbbcOrHR8L6YRS/lFJWYoxGtr54B7nEDsBYsKkIUVLbilpjRO/m6JfZmz FMvJydeTwFBmRiOk8SVpUhMV9Hxz4Ss90VA1PBHM7T+oez5FBGej23hlltmuGtlN2Hjj 2CKwyurPaRRQroqYjCrbk3G9YKl8wl01xvf3r/u2WB/G6sySTkQvNWxAcCZKrg4/FtaI V1t/AJAS+MnHxpP2MDNGToXsnAnubGWQuZWAvJyJqb1pF0ChLxpjMunN/I2b3JBY5yof Ovkv/VpZnAKKTF1v32fSEmWHIcPWHcaWPZyPrvSbmeaREebIBj1AlESxupodW2HFLc2Q rYZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=nx+rfJMR; dkim=pass header.i=@suse.com header.s=susede1 header.b=LYnBnPnV; spf=pass (google.com: domain of linux-kernel+bounces-16117-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16117-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id fu2-20020a170907b00200b00a280be1243csi2477367ejc.463.2024.01.03.15.29.16 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Jan 2024 15:29:16 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16117-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=nx+rfJMR; dkim=pass header.i=@suse.com header.s=susede1 header.b=LYnBnPnV; spf=pass (google.com: domain of linux-kernel+bounces-16117-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16117-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 3ACCB1F25C0A for ; Wed, 3 Jan 2024 23:29:16 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D0667208A8; Wed, 3 Jan 2024 23:28:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="nx+rfJMR"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="LYnBnPnV" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.223.130]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 115D12030E; Wed, 3 Jan 2024 23:28:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [IPv6:2a07:de40:b281:104:10:150:64:97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id E9C6221EDC; Wed, 3 Jan 2024 23:28:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324504; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kffFtRl5m4ojqwep18pNVD5nd1xQvcq1dn2rbQ2uvyg=; b=nx+rfJMRpwMPJ8dV77fDDyBee3QI5eZGjDNbQfFq00eSUb8xC6D6d6egE2OCZfHfjC+RQC ibFW76/25K3qcpo8JECE7ZFGP1C7Pmzou9NiG/Zoul4gFCuKfbqERrrIQZBgTKmNX8NNHu /48GCfei9/0B2Zp4R6AelkmetoeMaXg= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324503; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kffFtRl5m4ojqwep18pNVD5nd1xQvcq1dn2rbQ2uvyg=; b=LYnBnPnVhFpZW9oao06138VQyeY2hm5s1vXU7x5mRFIBZk6W6yQOC3ppDAhQPApbKJj1Gh CEJjKgMIziY14uWWrlsVi4IFu3KraQtIvBnuzSwkmhQejWpoW+IqubP+8zt+p4x06X0w4c 58pjzp/QkXUmhCU62lMw+Bp72GWBxf4= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id C099D1398A; Wed, 3 Jan 2024 23:28:19 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id gMJOGZPtlWWXTgAAD6G6ig (envelope-from ); Wed, 03 Jan 2024 23:28:19 +0000 From: Qu Wenruo To: linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@linux-foundation.org, christophe.jaillet@wanadoo.fr, andriy.shevchenko@linux.intel.com, David.Laight@ACULAB.COM, ddiss@suse.de, geert@linux-m68k.org Subject: [PATCH v3 2/4] kstrtox: introduce a safer version of memparse() Date: Thu, 4 Jan 2024 09:57:49 +1030 Message-ID: <4960b36916d55e22be08fe1689b81e0eefb47578.1704324320.git.wqu@suse.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Rspamd-Server: rspamd1.dmz-prg2.suse.org X-Spam-Score: 1.69 X-Spamd-Bar: + X-Spam-Flag: NO X-Spamd-Result: default: False [1.69 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[suse.com:s=susede1]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVRCPT(0.00)[wanadoo.fr]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; DKIM_TRACE(0.00)[suse.com:+]; MX_GOOD(-0.01)[]; RCPT_COUNT_SEVEN(0.00)[8]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:dkim,suse.com:email,suse.de:email]; FREEMAIL_TO(0.00)[vger.kernel.org,linux-foundation.org,wanadoo.fr,linux.intel.com,ACULAB.COM,suse.de,linux-m68k.org]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%]; RBL_SPAMHAUS_BLOCKED_OPENRESOLVER(0.00)[2a07:de40:b281:104:10:150:64:97:from] Authentication-Results: smtp-out1.suse.de; dkim=pass header.d=suse.com header.s=susede1 header.b=LYnBnPnV X-Spam-Level: * X-Rspamd-Queue-Id: E9C6221EDC X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1787113825966467049 X-GMAIL-MSGID: 1787113825966467049 [BUGS] Function memparse() lacks error handling: - If no valid number string at all In that case @retptr would just be updated and return value would be zero. - No overflown detection This applies to both the number string part, and the suffixes part. And since we have no way to indicate errors, we can get weird results like: "25E" -> 10376293541461622784 (9E) This is due to the fact that for "E" suffix, there is only 4 bits left, and 25 with 60 bits left shift would lead to overflow. [CAUSE] The root cause is already mentioned in the comments of the function, the usage of simple_strtoull() is the source of evil. Furthermore the function prototype is no good either, just returning an unsigned long long gives us no way to indicate an error. [FIX] Due to the prototype limits, we can not have a drop-in replacement for memparse(). This patch can only help by introduce a new helper, memparse_safe(), and mark the old memparse() deprecated. The new memparse_safe() has the following improvement: - Invalid string detection If no number string can be detected at all, -EINVAL would be returned. - Better overflow detection Both the string part and the extra left shift would have overflow detection. Any overflow would result -ERANGE. - Safer default suffix selection The helper allows the caller to choose the suffixes that they want to use. But only "KMGTP" are recommended by default since the "E" leaves only 4 bits before overflow. For those callers really know what they are doing, they can still manually to include all suffixes. Due to the prototype change, callers should migrate to the new one and change their code and add extra error handling. Signed-off-by: Qu Wenruo Reviewed-by: David Disseldorp --- include/linux/kernel.h | 8 +++- include/linux/kstrtox.h | 15 +++++++ lib/cmdline.c | 5 ++- lib/kstrtox.c | 96 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 122 insertions(+), 2 deletions(-) diff --git a/include/linux/kernel.h b/include/linux/kernel.h index d9ad21058eed..b1b6da60ea43 100644 --- a/include/linux/kernel.h +++ b/include/linux/kernel.h @@ -201,7 +201,13 @@ void do_exit(long error_code) __noreturn; extern int get_option(char **str, int *pint); extern char *get_options(const char *str, int nints, int *ints); -extern unsigned long long memparse(const char *ptr, char **retptr); + +/* + * DEPRECATED, lack of any kind of error handling. + * + * Use memparse_safe() from lib/kstrtox.c instead. + */ +extern __deprecated unsigned long long memparse(const char *ptr, char **retptr); extern bool parse_option_str(const char *str, const char *option); extern char *next_arg(char *args, char **param, char **val); diff --git a/include/linux/kstrtox.h b/include/linux/kstrtox.h index 7fcf29a4e0de..53a1e059dd31 100644 --- a/include/linux/kstrtox.h +++ b/include/linux/kstrtox.h @@ -9,6 +9,21 @@ int __must_check _kstrtoul(const char *s, unsigned int base, unsigned long *res); int __must_check _kstrtol(const char *s, unsigned int base, long *res); +enum memparse_suffix { + MEMPARSE_SUFFIX_K = 1 << 0, + MEMPARSE_SUFFIX_M = 1 << 1, + MEMPARSE_SUFFIX_G = 1 << 2, + MEMPARSE_SUFFIX_T = 1 << 3, + MEMPARSE_SUFFIX_P = 1 << 4, + MEMPARSE_SUFFIX_E = 1 << 5, +}; + +#define MEMPARSE_SUFFIXES_DEFAULT (MEMPARSE_SUFFIX_K | MEMPARSE_SUFFIX_M |\ + MEMPARSE_SUFFIX_G | MEMPARSE_SUFFIX_T |\ + MEMPARSE_SUFFIX_P) + +int __must_check memparse_safe(const char *s, enum memparse_suffix suffixes, + unsigned long long *res, char **retptr); int __must_check kstrtoull(const char *s, unsigned int base, unsigned long long *res); int __must_check kstrtoll(const char *s, unsigned int base, long long *res); diff --git a/lib/cmdline.c b/lib/cmdline.c index 90ed997d9570..d379157de349 100644 --- a/lib/cmdline.c +++ b/lib/cmdline.c @@ -139,12 +139,15 @@ char *get_options(const char *str, int nints, int *ints) EXPORT_SYMBOL(get_options); /** - * memparse - parse a string with mem suffixes into a number + * memparse - DEPRECATED, parse a string with mem suffixes into a number * @ptr: Where parse begins * @retptr: (output) Optional pointer to next char after parse completes * + * There is no way to handle errors, and no overflown detection and string + * sanity checks. * Parses a string into a number. The number stored at @ptr is * potentially suffixed with K, M, G, T, P, E. + * */ unsigned long long memparse(const char *ptr, char **retptr) diff --git a/lib/kstrtox.c b/lib/kstrtox.c index 41c9a499bbf3..a1e4279f52b3 100644 --- a/lib/kstrtox.c +++ b/lib/kstrtox.c @@ -113,6 +113,102 @@ static int _kstrtoull(const char *s, unsigned int base, unsigned long long *res) return 0; } +/** + * memparse_safe - convert a string to an unsigned long long, safer version of + * memparse() + * + * @s: The start of the string. Must be null-terminated. + * The base would be determined automatically, if it starts with + * "0x" the base would be 16, if it starts with "0" the base + * would be 8, otherwise the base would be 10. + * After a valid number string, there can be at most one + * case-insensive suffix character, specified by the @suffixes + * parameter. + * + * @suffixes: The suffixes which should be parsed. Use logical ORed + * memparse_suffix enum to indicate the supported suffixes. + * The suffixes are case-insensive, all 2 ^ 10 based. + * Supported ones are "KMGPTE". + * NOTE: If one suffix out of the supported one is hit, it would + * end the parse normally, with @retptr pointed to the unsupported + * suffix. + * + * @res: Where to write the result. + * + * @retptr: (output) Optional pointer to the next char after parse completes. + * + * Return 0 if any valid numberic string can be parsed, and @retptr updated. + * Return -INVALID if no valid number string can be found. + * Return -ERANGE if the number overflows. + * For minus return values, @retptr would not be updated. + */ +noinline int memparse_safe(const char *s, enum memparse_suffix suffixes, + unsigned long long *res, char **retptr) +{ + unsigned long long value; + unsigned int rv; + int shift = 0; + int base = 0; + + s = _parse_integer_fixup_radix(s, &base); + rv = _parse_integer(s, base, &value); + if (rv & KSTRTOX_OVERFLOW) + return -ERANGE; + if (rv == 0) + return -EINVAL; + + s += rv; + switch (*s) { + case 'K': + case 'k': + if (!(suffixes & MEMPARSE_SUFFIX_K)) + break; + shift = 10; + break; + case 'M': + case 'm': + if (!(suffixes & MEMPARSE_SUFFIX_M)) + break; + shift = 20; + break; + case 'G': + case 'g': + if (!(suffixes & MEMPARSE_SUFFIX_G)) + break; + shift = 30; + break; + case 'T': + case 't': + if (!(suffixes & MEMPARSE_SUFFIX_T)) + break; + shift = 40; + break; + case 'P': + case 'p': + if (!(suffixes & MEMPARSE_SUFFIX_P)) + break; + shift = 50; + break; + case 'E': + case 'e': + if (!(suffixes & MEMPARSE_SUFFIX_E)) + break; + shift = 60; + break; + } + if (shift) { + s++; + if (value >> (64 - shift)) + return -ERANGE; + value <<= shift; + } + *res = value; + if (retptr) + *retptr = (char *)s; + return 0; +} +EXPORT_SYMBOL(memparse_safe); + /** * kstrtoull - convert a string to an unsigned long long * @s: The start of the string. The string must be null-terminated, and may also From patchwork Wed Jan 3 23:27:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qu Wenruo X-Patchwork-Id: 184874 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp5319840dyb; Wed, 3 Jan 2024 15:30:22 -0800 (PST) X-Google-Smtp-Source: AGHT+IFUbNL66w6xtJ2NiUurbXuygR9DIMXSqz6QuRRsyWl22aVzluDWwp0vrfGo2IWNnUbaDNwJ X-Received: by 2002:a05:6e02:3090:b0:360:37a:151 with SMTP id bf16-20020a056e02309000b00360037a0151mr22740522ilb.18.1704324621773; Wed, 03 Jan 2024 15:30:21 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704324621; cv=none; d=google.com; s=arc-20160816; b=h3TNMjVuOs65V2hndmqyGVbi1e+fZeYN14VURUg4uACerRDUG4wx3hF+VLl3tihMww Fl+aQAhiochm2T9DxrqLqMao+Nl9RnNOxVAiNStS4vZsL5BuXMicEWIA3ihdAY9CoNaN 3J26neRU7HFSNWZfiBM8OUVFfo0cgQ1KqDUU3YHRSrFi4u01Wh5WsoULlE4kvwakxPuN z2u36+kdwSi76f6oXdDjstcqVbLDrr0YRSS+wefvYEpNtoa8fQOeNRWwdeA43tY5srZ5 V5Qn0oCbXbkwyKbvRz4eL78vj4bQ7H5otd22JsOzgvp1Z9S3UPIuT7/0fJnUDFgM5ESx WZFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:to:from:dkim-signature:dkim-signature; bh=r0wCWhBQozO3Z2ctWn9ecEecEmejOp5V+NjL13yOagY=; fh=5WEccoI3MXPoqgQkOYurL1AQ0GZs+h36FarqzwkCNds=; b=QJ5g1phMeXhRkyZYcUhSItI/J8CzxLlccRwK9mbaoVbDG/aJwd6Et7xnVg9Q6HOWjc yhFun+AFnwPa9R/PE41dTD/GiTqeCDVLBjUcWQhdw+cUSceOomc7Fpo6nbrezKwbQsAT 4Y1/LzDIYxWK00JNoCi/H/LvIz+oHGUnnUclZcMilDM+c9LPMisXcP56GCsKCogr3Y90 tlcc92Qm91yh4Js6k3iPAmYXNBNQLPULcNk+on3AzoxrQ4N5UHg9HhCVRc5ekk/+QcGM zl0SK5TUA8Qf13p5eW9A6lourTRWsGsPdVyDbpkn5zc1EdGiee/DIW51c6lYjAhptN+H jbUw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=BFkjJ3xe; dkim=pass header.i=@suse.com header.s=susede1 header.b=BFkjJ3xe; spf=pass (google.com: domain of linux-kernel+bounces-16118-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16118-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161]) by mx.google.com with ESMTPS id g1-20020a636b01000000b005c65fe4373fsi22572014pgc.315.2024.01.03.15.30.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Jan 2024 15:30:21 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16118-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=BFkjJ3xe; dkim=pass header.i=@suse.com header.s=susede1 header.b=BFkjJ3xe; spf=pass (google.com: domain of linux-kernel+bounces-16118-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16118-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id B3036B23F2D for ; Wed, 3 Jan 2024 23:29:34 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 0A1D5208CB; Wed, 3 Jan 2024 23:28:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="BFkjJ3xe"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="BFkjJ3xe" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 509342033A; Wed, 3 Jan 2024 23:28:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id A3B261F7D1; Wed, 3 Jan 2024 23:28:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324508; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r0wCWhBQozO3Z2ctWn9ecEecEmejOp5V+NjL13yOagY=; b=BFkjJ3xe/04i+BaxKLpxKfB7QrqITEsDPq9UhbjkP06uWOVCLi45rkOcaFArLxbPrVptGG U5wZA39aIOu5XzPOtl9UnUCbtdrFpIud5NL5bhH1HMUEqBZajV0CvhGfqgU5WOSsdxt48O OfSks4snNRATyA2AqjovMwAyTRPUx78= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324508; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=r0wCWhBQozO3Z2ctWn9ecEecEmejOp5V+NjL13yOagY=; b=BFkjJ3xe/04i+BaxKLpxKfB7QrqITEsDPq9UhbjkP06uWOVCLi45rkOcaFArLxbPrVptGG U5wZA39aIOu5XzPOtl9UnUCbtdrFpIud5NL5bhH1HMUEqBZajV0CvhGfqgU5WOSsdxt48O OfSks4snNRATyA2AqjovMwAyTRPUx78= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id B65811398A; Wed, 3 Jan 2024 23:28:24 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id sMouEJjtlWWXTgAAD6G6ig (envelope-from ); Wed, 03 Jan 2024 23:28:24 +0000 From: Qu Wenruo To: linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@linux-foundation.org, christophe.jaillet@wanadoo.fr, andriy.shevchenko@linux.intel.com, David.Laight@ACULAB.COM, ddiss@suse.de, geert@linux-m68k.org Subject: [PATCH v3 3/4] kstrtox: add unit tests for memparse_safe() Date: Thu, 4 Jan 2024 09:57:50 +1030 Message-ID: <048d17ce74c7169b6f6c04010078e9462017bce3.1704324320.git.wqu@suse.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Spam-Score: 1.90 X-Spamd-Result: default: False [1.90 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVRCPT(0.00)[wanadoo.fr]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; RCPT_COUNT_SEVEN(0.00)[8]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:email,suse.de:email]; FREEMAIL_TO(0.00)[vger.kernel.org,linux-foundation.org,wanadoo.fr,linux.intel.com,ACULAB.COM,suse.de,linux-m68k.org]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] Authentication-Results: smtp-out2.suse.de; none X-Spam-Level: * X-Spam-Flag: NO X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1787113894190619059 X-GMAIL-MSGID: 1787113894190619059 The new tests cases for memparse_safe() include: - The existing test cases for kstrtoull() Including all the 3 bases (8, 10, 16), and all the ok and failure cases. Although there are something we need to verify specific for memparse_safe(): * @retptr and @value are not modified for failure cases * return value are correct for failure cases * @retptr is correct for the good cases - New test cases Not only testing the result value, but also the @retptr, including: * good cases with extra tailing chars, but without valid prefix The @retptr should point to the first char after a valid string. 3 cases for all the 3 bases. * good cases with extra tailing chars, with valid prefix 5 cases for all the suffixes. * good cases with valid but disabled suffixes The same 5 cases as the previous one, just disable the corresponding suffixes. * bad cases without any number but stray suffix Should be rejected with -EINVAL Signed-off-by: Qu Wenruo Reviewed-by: David Disseldorp --- lib/test-kstrtox.c | 244 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 244 insertions(+) diff --git a/lib/test-kstrtox.c b/lib/test-kstrtox.c index f355f67169b6..8f52b53c1374 100644 --- a/lib/test-kstrtox.c +++ b/lib/test-kstrtox.c @@ -268,6 +268,247 @@ static void __init test_kstrtoll_ok(void) TEST_OK(kstrtoll, long long, "%lld", test_ll_ok); } +/* + * The special pattern to make sure the result is not modified for error cases. + */ +#define ULL_PATTERN (0xefefefef7a7a7a7aULL) +#define POINTER_PATTERN ((void *)(uintptr_t)(ULL_PATTERN & UINTPTR_MAX)) + +/* Want to include "E" suffix for full coverage. */ +#define MEMPARSE_TEST_SUFFIX (MEMPARSE_SUFFIX_K | MEMPARSE_SUFFIX_M |\ + MEMPARSE_SUFFIX_G | MEMPARSE_SUFFIX_T |\ + MEMPARSE_SUFFIX_P | MEMPARSE_SUFFIX_E) + +static void __init test_memparse_safe_fail(void) +{ + struct memparse_test_fail { + const char *str; + /* Expected error number, either -EINVAL or -ERANGE. */ + unsigned int expected_ret; + }; + static const struct memparse_test_fail tests[] __initconst = { + /* No valid string can be found at all. */ + {"", -EINVAL}, + {"\n", -EINVAL}, + {"\n0", -EINVAL}, + {"+", -EINVAL}, + {"-", -EINVAL}, + + /* Only hex prefix, but no valid string. */ + {"0x", -EINVAL}, + {"0X", -EINVAL}, + + /* Only hex prefix, with suffix but still no valid string. */ + {"0xK", -EINVAL}, + {"0xM", -EINVAL}, + {"0xG", -EINVAL}, + + /* Only hex prefix, with invalid chars. */ + {"0xH", -EINVAL}, + {"0xy", -EINVAL}, + + /* + * No support for any leading "+-" chars, even followed by a valid + * number. + */ + {"-0", -EINVAL}, + {"+0", -EINVAL}, + {"-1", -EINVAL}, + {"+1", -EINVAL}, + + /* Stray suffix would also be rejected. */ + {"K", -EINVAL}, + {"P", -EINVAL}, + + /* Overflow in the string itself*/ + {"18446744073709551616", -ERANGE}, + {"02000000000000000000000", -ERANGE}, + {"0x10000000000000000", -ERANGE}, + + /* + * Good string but would overflow with suffix. + * + * Note, for "E" suffix, one should not use with hex, or "0x1E" + * would be treated as 0x1e (30 in decimal), not 0x1 and "E" suffix. + * Another reason "E" suffix is cursed. + */ + {"16E", -ERANGE}, + {"020E", -ERANGE}, + {"16384P", -ERANGE}, + {"040000P", -ERANGE}, + {"16777216T", -ERANGE}, + {"0100000000T", -ERANGE}, + {"17179869184G", -ERANGE}, + {"0200000000000G", -ERANGE}, + {"17592186044416M", -ERANGE}, + {"0400000000000000M", -ERANGE}, + {"18014398509481984K", -ERANGE}, + {"01000000000000000000K", -ERANGE}, + }; + unsigned int i; + + for_each_test(i, tests) { + const struct memparse_test_fail *t = &tests[i]; + unsigned long long tmp = ULL_PATTERN; + char *retptr = POINTER_PATTERN; + int ret; + + ret = memparse_safe(t->str, MEMPARSE_TEST_SUFFIX, &tmp, &retptr); + if (ret != t->expected_ret) { + WARN(1, "str '%s', expected ret %d got %d\n", t->str, + t->expected_ret, ret); + continue; + } + if (tmp != ULL_PATTERN) + WARN(1, "str '%s' failed as expected, but result got modified", + t->str); + if (retptr != POINTER_PATTERN) + WARN(1, "str '%s' failed as expected, but pointer got modified", + t->str); + } +} + +static void __init test_memparse_safe_ok(void) +{ + struct memparse_test_ok { + const char *str; + unsigned long long expected_value; + /* How many bytes the @retptr pointer should be moved forward. */ + unsigned int retptr_off; + + /* If 0, falls back to MEMPARSE_TEST_SUFFIX. */ + enum memparse_suffix suffixes; + }; + static DEFINE_TEST_OK(struct memparse_test_ok, tests) = { + /* + * The same pattern of kstrtoull, just with extra @retptr + * verification. + */ + {"0", 0ULL, 1}, + {"1", 1ULL, 1}, + {"127", 127ULL, 3}, + {"128", 128ULL, 3}, + {"129", 129ULL, 3}, + {"255", 255ULL, 3}, + {"256", 256ULL, 3}, + {"257", 257ULL, 3}, + {"32767", 32767ULL, 5}, + {"32768", 32768ULL, 5}, + {"32769", 32769ULL, 5}, + {"65535", 65535ULL, 5}, + {"65536", 65536ULL, 5}, + {"65537", 65537ULL, 5}, + {"2147483647", 2147483647ULL, 10}, + {"2147483648", 2147483648ULL, 10}, + {"2147483649", 2147483649ULL, 10}, + {"4294967295", 4294967295ULL, 10}, + {"4294967296", 4294967296ULL, 10}, + {"4294967297", 4294967297ULL, 10}, + {"9223372036854775807", 9223372036854775807ULL, 19}, + {"9223372036854775808", 9223372036854775808ULL, 19}, + {"9223372036854775809", 9223372036854775809ULL, 19}, + {"18446744073709551614", 18446744073709551614ULL, 20}, + {"18446744073709551615", 18446744073709551615ULL, 20}, + + {"00", 00ULL, 2}, + {"01", 01ULL, 2}, + {"0177", 0177ULL, 4}, + {"0200", 0200ULL, 4}, + {"0201", 0201ULL, 4}, + {"0377", 0377ULL, 4}, + {"0400", 0400ULL, 4}, + {"0401", 0401ULL, 4}, + {"077777", 077777ULL, 6}, + {"0100000", 0100000ULL, 7}, + {"0100001", 0100001ULL, 7}, + {"0177777", 0177777ULL, 7}, + {"0200000", 0200000ULL, 7}, + {"0200001", 0200001ULL, 7}, + {"017777777777", 017777777777ULL, 12}, + {"020000000000", 020000000000ULL, 12}, + {"020000000001", 020000000001ULL, 12}, + {"037777777777", 037777777777ULL, 12}, + {"040000000000", 040000000000ULL, 12}, + {"040000000001", 040000000001ULL, 12}, + {"0777777777777777777777", 0777777777777777777777ULL, 22}, + {"01000000000000000000000", 01000000000000000000000ULL, 23}, + {"01000000000000000000001", 01000000000000000000001ULL, 23}, + {"01777777777777777777776", 01777777777777777777776ULL, 23}, + {"01777777777777777777777", 01777777777777777777777ULL, 23}, + + {"0x0", 0x0ULL, 3}, + {"0x1", 0x1ULL, 3}, + {"0x7f", 0x7fULL, 4}, + {"0x80", 0x80ULL, 4}, + {"0x81", 0x81ULL, 4}, + {"0xff", 0xffULL, 4}, + {"0x100", 0x100ULL, 5}, + {"0x101", 0x101ULL, 5}, + {"0x7fff", 0x7fffULL, 6}, + {"0x8000", 0x8000ULL, 6}, + {"0x8001", 0x8001ULL, 6}, + {"0xffff", 0xffffULL, 6}, + {"0x10000", 0x10000ULL, 7}, + {"0x10001", 0x10001ULL, 7}, + {"0x7fffffff", 0x7fffffffULL, 10}, + {"0x80000000", 0x80000000ULL, 10}, + {"0x80000001", 0x80000001ULL, 10}, + {"0xffffffff", 0xffffffffULL, 10}, + {"0x100000000", 0x100000000ULL, 11}, + {"0x100000001", 0x100000001ULL, 11}, + {"0x7fffffffffffffff", 0x7fffffffffffffffULL, 18}, + {"0x8000000000000000", 0x8000000000000000ULL, 18}, + {"0x8000000000000001", 0x8000000000000001ULL, 18}, + {"0xfffffffffffffffe", 0xfffffffffffffffeULL, 18}, + {"0xffffffffffffffff", 0xffffffffffffffffULL, 18}, + + /* Now with extra non-suffix chars to test @retptr update. */ + {"1q84", 1, 1}, + {"02o45", 2, 2}, + {"0xffvii", 0xff, 4}, + + /* + * Valid suffix then tailing chars, to test the @retptr + * behavior. + */ + {"68k ", 69632, 3}, + {"8MS", 8388608, 2}, + {"0xaeGis", 0x2b80000000, 5}, + {"0xaTx", 0xa0000000000, 4}, + {"3E8", 0x3000000000000000, 2}, + + /* Valid suffixes but not enabled. */ + {"68k ", 68, 2, MEMPARSE_SUFFIX_M}, + {"8MS", 8, 1, MEMPARSE_SUFFIX_K}, + {"0xaeGis", 0xae, 4, MEMPARSE_SUFFIX_K}, + {"0xaTx", 0xa, 3, MEMPARSE_SUFFIX_K}, + {"3E8", 3, 1, MEMPARSE_SUFFIX_K}, + }; + unsigned int i; + + for_each_test(i, tests) { + const struct memparse_test_ok *t = &tests[i]; + unsigned long long tmp; + char *retptr; + int ret; + enum memparse_suffix suffixes = MEMPARSE_TEST_SUFFIX; + + if (t->suffixes) + suffixes = t->suffixes; + + ret = memparse_safe(t->str, suffixes, &tmp, &retptr); + if (ret != 0) { + WARN(1, "str '%s', expected ret 0 got %d\n", t->str, ret); + continue; + } + if (tmp != t->expected_value) + WARN(1, "str '%s' incorrect result, expected %llu got %llu", + t->str, t->expected_value, tmp); + if (retptr != t->str + t->retptr_off) + WARN(1, "str '%s' incorrect endptr, expected %u got %zu", + t->str, t->retptr_off, retptr - t->str); + } +} static void __init test_kstrtoll_fail(void) { static DEFINE_TEST_FAIL(test_ll_fail) = { @@ -710,6 +951,9 @@ static int __init test_kstrtox_init(void) test_kstrtoll_ok(); test_kstrtoll_fail(); + test_memparse_safe_ok(); + test_memparse_safe_fail(); + test_kstrtou64_ok(); test_kstrtou64_fail(); test_kstrtos64_ok(); From patchwork Wed Jan 3 23:27:51 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qu Wenruo X-Patchwork-Id: 184873 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:6f82:b0:100:9c79:88ff with SMTP id tb2csp5319635dyb; Wed, 3 Jan 2024 15:29:55 -0800 (PST) X-Google-Smtp-Source: AGHT+IG3hQThWQPb7n6YDaTvFUMuV3DfrISRvO0GOGr/iatmXFIhsoHeQtHi8d3AArBntbSRMCIQ X-Received: by 2002:a05:620a:1a89:b0:77d:9d58:5467 with SMTP id bl9-20020a05620a1a8900b0077d9d585467mr24745694qkb.29.1704324595390; Wed, 03 Jan 2024 15:29:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1704324595; cv=none; d=google.com; s=arc-20160816; b=Q0WdbVMEmZgz3CmAzGPwoYtEHwRZVX1rvmAdsI3oLGfKYo55Q3CvEXIsJbWwChkKxD /ozP28S6qzzajQnu2usiM5ZSolK2HuCi3nthBR9Tvgxm+11PQAHhdy9x33LJX2ULTTMo K87dEmgyad3cHO8wOxUHA6JKMQGNC05PbauoO84OkA90fo0SdsfjUvhNQUF5eV1TYIVg kD8N4luZVxaZEpLVH8jLbd4u10aP+cg5AUSbV5brTVG1zmeUiBFJOBuK2Ix/KFvs8kzV HmLeUkq/JeEJU4VWMDds+nwqrJYuJ0DeDRSMf611KABCr9JP8h9CMEii481PTzFErFir eztg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:to:from:dkim-signature:dkim-signature; bh=1VzFgHrE0lFC+VNDDj8M8pUUWESRusrMT1ddLdCqdXU=; fh=5WEccoI3MXPoqgQkOYurL1AQ0GZs+h36FarqzwkCNds=; b=UrqOd0VP8NMDEXK3ABGWcT7Rk3xuEO/wE/pUNTsOzr42KSmQMAM/EcB5ZBatkxtVr7 cho76xs146V5oT6r5xBf6j3kBAxHd9NjRfrJmiG3ij7FDGhLQKW6/bi0uLSOgXp+H2r2 azHChTZprE/lDifTb2JNfQhXSA9fdEf9dC3lcWiQEYsPfsbE7o9d/48ZIZf+7BADBvIN 2piPlnIWyqBHq4A9YXYuF2Qnu5kfmZQ8T144XHDoKwKj+HStBKYT3bLhnen/QaBM0cA5 xSibz0EW+2epPbpkcj6pVT/xCbco99K8EdGUSxhhbqtJRKKANvXsu1UIX8NXn73VVTlB r1EA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=iA7DfiSb; dkim=pass header.i=@suse.com header.s=susede1 header.b=iA7DfiSb; spf=pass (google.com: domain of linux-kernel+bounces-16119-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16119-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [147.75.199.223]) by mx.google.com with ESMTPS id c18-20020a37e112000000b0077d98a59c9bsi28168889qkm.440.2024.01.03.15.29.55 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 03 Jan 2024 15:29:55 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-16119-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) client-ip=147.75.199.223; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=iA7DfiSb; dkim=pass header.i=@suse.com header.s=susede1 header.b=iA7DfiSb; spf=pass (google.com: domain of linux-kernel+bounces-16119-ouuuleilei=gmail.com@vger.kernel.org designates 147.75.199.223 as permitted sender) smtp.mailfrom="linux-kernel+bounces-16119-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=suse.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 6FFC31C249DF for ; Wed, 3 Jan 2024 23:29:51 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DF3FA20B09; Wed, 3 Jan 2024 23:28:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="iA7DfiSb"; dkim=pass (1024-bit key) header.d=suse.com header.i=@suse.com header.b="iA7DfiSb" X-Original-To: linux-kernel@vger.kernel.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.223.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9F806208DA; Wed, 3 Jan 2024 23:28:35 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=suse.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=suse.com Received: from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org [10.150.64.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id BE9E81F7D1; Wed, 3 Jan 2024 23:28:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324513; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1VzFgHrE0lFC+VNDDj8M8pUUWESRusrMT1ddLdCqdXU=; b=iA7DfiSbWuoqRI5TWOUFau6fl2Av6d4rlxS18czGmXygf2JiWqTLpUX0zMfjvHGxXWafnA 5igBLXuHcaGK6XTrgJYXCAvh3BIAWNSn7UGa1AgCL0eD2Hb4A6VLW8oMdB4/SvkkJa6bx7 MLnd/qJWxNX8INbpyA1IlAtra82H82A= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1704324513; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=1VzFgHrE0lFC+VNDDj8M8pUUWESRusrMT1ddLdCqdXU=; b=iA7DfiSbWuoqRI5TWOUFau6fl2Av6d4rlxS18czGmXygf2JiWqTLpUX0zMfjvHGxXWafnA 5igBLXuHcaGK6XTrgJYXCAvh3BIAWNSn7UGa1AgCL0eD2Hb4A6VLW8oMdB4/SvkkJa6bx7 MLnd/qJWxNX8INbpyA1IlAtra82H82A= Received: from imap1.dmz-prg2.suse.org (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id 88D031398A; Wed, 3 Jan 2024 23:28:29 +0000 (UTC) Received: from dovecot-director2.suse.de ([10.150.64.162]) by imap1.dmz-prg2.suse.org with ESMTPSA id 8G8ZCZ3tlWWXTgAAD6G6ig (envelope-from ); Wed, 03 Jan 2024 23:28:29 +0000 From: Qu Wenruo To: linux-btrfs@vger.kernel.org, linux-kernel@vger.kernel.org, akpm@linux-foundation.org, christophe.jaillet@wanadoo.fr, andriy.shevchenko@linux.intel.com, David.Laight@ACULAB.COM, ddiss@suse.de, geert@linux-m68k.org Subject: [PATCH v3 4/4] btrfs: migrate to the newer memparse_safe() helper Date: Thu, 4 Jan 2024 09:57:51 +1030 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Authentication-Results: smtp-out2.suse.de; none X-Spam-Level: ***** X-Spam-Score: 5.34 X-Spamd-Result: default: False [5.34 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; FREEMAIL_ENVRCPT(0.00)[wanadoo.fr]; R_MISSING_CHARSET(2.50)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; BROKEN_CONTENT_TYPE(1.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_SIGNED(0.00)[suse.com:s=susede1]; NEURAL_HAM_SHORT(-0.06)[-0.293]; NEURAL_SPAM_LONG(3.50)[1.000]; RCPT_COUNT_SEVEN(0.00)[8]; MID_CONTAINS_FROM(1.00)[]; DBL_BLOCKED_OPENRESOLVER(0.00)[suse.com:email,suse.de:email]; FREEMAIL_TO(0.00)[vger.kernel.org,linux-foundation.org,wanadoo.fr,linux.intel.com,ACULAB.COM,suse.de,linux-m68k.org]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Flag: NO X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1787113866872961800 X-GMAIL-MSGID: 1787113866872961800 The new helper has better error report and correct overflow detection, furthermore the old @retptr behavior is also kept, thus there should be no behavior change. Signed-off-by: Qu Wenruo Reviewed-by: David Disseldorp --- fs/btrfs/ioctl.c | 6 +++++- fs/btrfs/super.c | 9 ++++++++- fs/btrfs/sysfs.c | 14 +++++++++++--- 3 files changed, 24 insertions(+), 5 deletions(-) diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c index 4e50b62db2a8..cb63f50a2078 100644 --- a/fs/btrfs/ioctl.c +++ b/fs/btrfs/ioctl.c @@ -1175,7 +1175,11 @@ static noinline int btrfs_ioctl_resize(struct file *file, mod = 1; sizestr++; } - new_size = memparse(sizestr, &retptr); + + ret = memparse_safe(sizestr, MEMPARSE_SUFFIXES_DEFAULT, + &new_size, &retptr); + if (ret < 0) + goto out_finish; if (*retptr != '\0' || new_size == 0) { ret = -EINVAL; goto out_finish; diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c index 3a677b808f0f..0f29fd692e0f 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -263,6 +263,8 @@ static int btrfs_parse_param(struct fs_context *fc, struct fs_parameter *param) { struct btrfs_fs_context *ctx = fc->fs_private; struct fs_parse_result result; + /* Only for memparse_safe() caller. */ + int ret; int opt; opt = fs_parse(fc, btrfs_fs_parameters, param, &result); @@ -400,7 +402,12 @@ static int btrfs_parse_param(struct fs_context *fc, struct fs_parameter *param) ctx->thread_pool_size = result.uint_32; break; case Opt_max_inline: - ctx->max_inline = memparse(param->string, NULL); + ret = memparse_safe(param->string, MEMPARSE_SUFFIXES_DEFAULT, + &ctx->max_inline, NULL); + if (ret < 0) { + btrfs_err(NULL, "invalid string \"%s\"", param->string); + return ret; + } break; case Opt_acl: if (result.negated) { diff --git a/fs/btrfs/sysfs.c b/fs/btrfs/sysfs.c index 84c05246ffd8..6846572496a6 100644 --- a/fs/btrfs/sysfs.c +++ b/fs/btrfs/sysfs.c @@ -762,6 +762,7 @@ static ssize_t btrfs_chunk_size_store(struct kobject *kobj, struct btrfs_fs_info *fs_info = to_fs_info(get_btrfs_kobj(kobj)); char *retptr; u64 val; + int ret; if (!capable(CAP_SYS_ADMIN)) return -EPERM; @@ -776,7 +777,10 @@ static ssize_t btrfs_chunk_size_store(struct kobject *kobj, if (space_info->flags & BTRFS_BLOCK_GROUP_SYSTEM) return -EPERM; - val = memparse(buf, &retptr); + ret = memparse_safe(buf, MEMPARSE_SUFFIXES_DEFAULT, &val, &retptr); + if (ret < 0) + return ret; + /* There could be trailing '\n', also catch any typos after the value */ retptr = skip_spaces(retptr); if (*retptr != 0 || val == 0) @@ -1779,10 +1783,14 @@ static ssize_t btrfs_devinfo_scrub_speed_max_store(struct kobject *kobj, { struct btrfs_device *device = container_of(kobj, struct btrfs_device, devid_kobj); - char *endptr; unsigned long long limit; + char *endptr; + int ret; + + ret = memparse_safe(buf, MEMPARSE_SUFFIXES_DEFAULT, &limit, &endptr); + if (ret < 0) + return ret; - limit = memparse(buf, &endptr); /* There could be trailing '\n', also catch any typos after the value. */ endptr = skip_spaces(endptr); if (*endptr != 0)